Jay Wennington.

Email Brand Reputation Marketing 101

Email is easy to spoof, and criminals are exploiting trusted, well-known brands for their own personal gain. Consequently, email recipients can’t tell a real message from a fake one, and large mailbox providers (Google, Outlook, Yahoo, etc.) have to make very difficult, and frequently incorrect, choices about which messages to deliver and which ones to block or mark as spam because the message might harm the recipient. Spammers are doing this for several reasons, including:

  1. Phishing and spear phishing are attempts to impersonate these domains so that unsuspecting victims inadvertently click, release personal information or login credentials, and/or install malware, like key loggers or computer worms, onto their computer. These fraudsters want to remain anonymous and fool the recipient by faking their email sending domain, which unfortunately is too easy.
  2. Similarly, VOIP telephone systems have created the same spoofing concerns for fake robo-callers, spamming our phones for the same reasons identified above. Sometimes, these two technologies are used together to fool the recipient. First you get a call, and then an email from what appears to be the underlying company.
  3. Some spammers want to increase their delivery success rate by avoiding blacklisting on DNS blacklists and/or receiving non-delivery notifications (bounces) to their real addresses, so they exploit other domains.
  4. The sender wants to cause your brand trouble and get your brand onto blacklists, such as SpamCop or Spamhaus. The inconvenience can cost your IT team many hours cleaning up the mess and, in the meantime, your email marketing team will be out of business.

How can brands protect and monitor their email domain reputation?

The answer lies in the following three technologies, which are often either unknown or not applied correctly. When combined, they offer a simple, low-cost, and effective email brand-defense solution.

SPF (Sender Policy Framework):

SPF makes it possible for email recipients to validate that emails were transmitted from machines/servers that you identified as approved email senders for your brand’s domain(s). It’s free to do and easy to set up.

TXT domain records that are configured into your brand’s domain (SomeBrand.com) tell email recipient servers (think Gmail, Outlook, Yahoo, etc.) which email servers — based on IP addresses — are allowed to send email on behalf of that domain. You can test if your domain has SPF configured by using this SPF Checker Tool.

When emails are received, the SPF record can be checked and categorized as per the chart below. This will help with reporting, described later.

Source: http://www.openspf.org/SPF_Record_Syntax

DKIM (DomainKeys Identified Mail):

During transmission, emails can be digitally signed by the sending email servers (specified by your SPF records) using a public/private cryptographic domain key pair, where the private key is used to sign the outgoing email’s header and/or email body.

The public key is another TXT domain record configured into your brand’s domain (SomeBrand.com). Receiving email servers use it to verify the signature and validate that the message was, in fact, signed correctly by the sending email server (only possible if the sender holds the private key).


DMARC (Domain-based Message Authentication, Reporting, and Conformance)

This is the glue that ties everything together. DMARC helps email senders and receivers work together to better secure emails, protecting your brand’s reputation by allowing you to monitor the volume and sources of spammers, fraudsters, and spoofers.

DMARC policies are TXT domain records that tell email recipients what to do when email transmissions fail SPF checks (meaning they were sent by an unapproved IP address) and/or DKIM checks (meaning the message was not correctly digitally signed by the sender). Essentially, this is your brand’s policy and instructions for sending emails and where/how to report any emails received that do not comply with your sending policies.

When your policy is violated, the receiving email system can send a report (XML format) to a DMARC reporting address. For example, the following commercial solutions are offered by these DMARC reporting vendors.


Overview of how it all works:

Source: https://dmarc.org/wp-content/uploads/2015/02/DMARC_author-to-recipient_flow.jpg

Benefits of using these technologies:

There are several important benefits that are accomplished by implementing these technologies.

  1. Brands can proactively monitor any email policy violations.
     An example of a report dashboard.

  2. Using this Phishing Scorecard Tool or sites like WatchGuard’s Reputation Authority, you can look up your brand’s reputation and/or check other brands by industry and/or country.
     The United States banking phishing reputations.

  3. By working together, brands and key email delivery platforms can more clearly identify spam and malware reputation, helping all companies have more productive and cost-effective communications.

Be safe out there! Visit www.milllenniumweb.com or call 516–682–8080 for help with your email marketing.